Page 3 of 11

Re: BaseJKA Security Fix

Posted: Wed May 23, 2007 11:01 pm
by Gamall
Je th'ébergeais déjà quand c'est arrivé ?

Si c'est le cas, il doit y avoir une trace dans les logs. Essaye de te rappeller précisément un passage de dialogue, un nom ou quelque chose de ce genre qui est arrivé en même temps.

Puis fais

Code: Select all

more <fichier log> | grep "<le passage>"
Avec un peu de chance, tu pourras retrouver comme ça...

Re: BaseJKA Security Fix

Posted: Sun May 27, 2007 6:39 pm
by Tyleor
non non ça devait être en 2004 ou 2005, et je pense que c'était sous japlus.
Je disais juste ça parce que c'était similaire

Re: BaseJKA Security Fix

Posted: Sun May 27, 2007 6:49 pm
by Gamall
Ok, il y a peu de chances d'en retrouver les logs, alors :lol

Re: BaseJKA Security Fix

Posted: Thu Jun 07, 2007 2:00 am
by cybermaniac
did you manage to sort out the banlist?


also you will find that majority of decent servers are actually running linux :/

Re: BaseJKA Security Fix

Posted: Thu Jun 07, 2007 1:29 pm
by Gamall
cybermaniac wrote:did you manage to sort out the banlist?
No. This is extremely low on my priorities list, as this is not a serious bug if the banlist is kept clean (you can use vstr to clean it automatically at each map change/restart if you're lazy).

IP banning being extremely inefficient anyway (95% of people have dynamic ips) cleaning the banlist frequently is not an issue. It is even recommended. For the few with a static ip, use vstr (again) and forget them.

If someone tries to use that bug + the autoban of my mod by launching fake players then changing ip etc over and over again (as you suggested), just deactivate ip autoban [which is absolutely not necessary for the mod to block fake players] and forget about it.

So really, I don't see how it is much of an issue in itself. It is neither a security issue nor something easily fixed, and there are simple workarounds to avoid problems with it, so it is a bit out of the scope of this mod.
cybermaniac wrote:also you will find that majority of decent servers are actually running linux :/
I know. I host servers myself, and I use linux. The mod is both for Win and Linux, so what is your point here ? :?

Re: BaseJKA Security Fix

Posted: Thu Jun 07, 2007 6:34 pm
by cybermaniac
Gamall wrote:
cybermaniac wrote:also you will find that majority of decent servers are actually running linux :/
I know. I host servers myself, and I use linux. The mod is both for Win and Linux, so what is your point here ? :?
i was inferring to the newest release :)

Re: BaseJKA Security Fix

Posted: Thu Jun 07, 2007 6:38 pm
by Gamall
cybermaniac wrote:i was inferring to the newest release :)
Oh, right :)

I had forgotten about this one :lol

Well, there are only two very minor fixes between 1.0e and 1.0f, and since the guy who requested them was on Win, I got lazy :P

If you feel the need for these two fixes as well, I'll go and compile a linux version... :D

Re: BaseJKA Security Fix

Posted: Fri Jun 08, 2007 9:51 pm
by cybermaniac
nah dont woz lol

its not exactly a big problem :)

Re: BaseJKA Security Fix

Posted: Tue Jun 26, 2007 5:42 pm
by GUARD!AN
Hello Gamall,

I am the owner of the Siege pug server Impulse, and I would like to first of all thank you for the great mod. There are 2 issues I would like to bring up however.

1. In basejka, the large turrets on the map mp/siege_hoth are supposed to fire only 2 shots at a time, I found out the hard way that for some reason every few seconds they would shoot 3. I have uploaded a demo of them shooting multiple shots.

http://www.freewebs.com/guardianx5/WTF%20TURRET.dm_26


2. The backflips are a little awkward, not quite the normal basejka ones, its kind of hard to describe, so if you need a demo of a basejka flip and one with your mod's flip, I can supply that as well.

Also, the admin mod looks very promising, I look forward to that so I don't have to give out rcon to my admins =/.

Re:

Posted: Tue Jun 26, 2007 6:45 pm
by Gamall
Hello :)
GUARD!AN wrote:1. In basejka, the large turrets on the map mp/siege_hoth are supposed to fire only 2 shots at a time, I found out the hard way that for some reason every few seconds they would shoot 3. I have uploaded a demo of them shooting multiple shots. m http://www.freewebs.com/guardianx5/WTF%20TURRET.dm_26
Very extremely strange :huh: I am quite sure I didn't alter anything of that kind :? So
-> Either it is a basejka bug you just didn't notice before.
-> Either it is a bug in the SDK (I used a linux-ready version of the SDK, which might have introduced that bug although I find that altogether unlikely)
-> More likely, it is a bug due to the discrepancy between my version of GCC, my flavour of Linux, and yours. Linux/GCC are not an exact science 8|. (I take it yours is a Linux-based server ?) If you cannot reproduce this bug on a windows server, then this is it.

I will look into it when I get more time, though :?
GUARD!AN wrote:2. The backflips are a little awkward, not quite the normal basejka ones, its kind of hard to describe, so if you need a demo of a basejka flip and one with your mod's flip, I can supply that as well.
Yep, I'd like a demo. Once again I'm really taken aback, since I did not edit anything gameplay-related. Same hypotheses as for the other one.


GUARD!AN wrote:Also, the admin mod looks very promising, I look forward to that so I don't have to give out rcon to my admins =/.
Oh. I'm sorry to disappoint you but, as I mentioned more than a month ago
Gamall wrote:edit: Since I don't really play JKA anymore, and have many other projects, I won't be working on that.
Last edited by Gamall on 11 May 2007 12:16 pm, edited 1 time in total
And on top of that I have a really busy timetable this summer (which I hadn't anticipated one month ago).

So I won't build that admin mod on top of my security mod, sorry. There are a great many admin mods out there. Perhaps there is one to your liking...

Let's say that, as a compromise, if you find an open-source admin mod you like, but which doesn't protect against the \say overflow (any decent mod should do that) or the fake players attack, I'll implement these protections into your admin-mod. Ok ? :)

Re: BaseJKA Security Fix

Posted: Tue Jul 24, 2007 3:37 am
by cybermaniac
would there be a way of modifying the logs, or adding a new command that makes another txt file that PURELY deals with saving connecting IP addresses and nicks?


basically, all that is needed, is that it takes this info:

2318:32Connect request from : \ip\86.71.233.xxx:-10529\challenge\714200483\qport\60372\protocol\26\name\jadenyoda\rate\4000\snaps\20\model\kyle/default\forcepowers\
7-1-032330000000001333\color1\4\color2\4\handicap\100\teamtask\0\sex\male\cg_predictItems\1\saber1\single_1\saber2\none\char_color_red\
255\char_color_green\255\char_color_blue\255\teamoverlay\1


no need to make it fancy and neat, just that info and a space for the next info

(if you WANT to make it fancy and neat) do:

IP: 86.71.233.xxx
name: jadenyoda

:P


but let me know if this IS possible


thx

Re: BaseJKA Security Fix

Posted: Tue Jul 24, 2007 4:30 pm
by Gamall
Yes, that would be quite possible.

But you can already extract that kind of info from the logs by using some kind of regex :)

Or I could make a proggy to generate that kind of output from the raw log, if you don't want to spend time studying regex (which I wouldn't blame you for :P). That will be easy. But I am currently in vacation, with no programming system installed as of yet (and no JKA installed either, in fact.)

I'll get to it eventually though, because it is true that the raw logs aren't quite readable :? The reason why I chose to display so much "garbage" info is debunking fakes: the info is like a "fingerprint" which, combined with IP tracing, makes it easier to decide who is who. :D

Re: BaseJKA Security Fix

Posted: Tue Jul 24, 2007 10:35 pm
by cybermaniac
dude, your logs are phenomenal, seriously.


the purpose of the extra piece is so we can build a list of IPs vs Nicks so we can catch fakers, hackers and whoever else we need.


and would it be possible so that the text file is actually created on the server (much like the games.log)?

Re: BaseJKA Security Fix

Posted: Wed Jul 25, 2007 12:19 am
by Gamall
cybermaniac wrote:a list of IPs vs Nicks so we can ...
In my experience, such a list is utterly useless. Most people have dynamical IPs, and even tracing those is no good, since their local network generally serves thousands of houses, ergo you can derive no certainty even from matching traces.

This is why I bothered logging the complete, unaltered connection packet. They can make identification much more reliable than anything that can be achieved with the IP alone.
cybermaniac wrote:and would it be possible so that the text file is actually created on the server (much like the games.log)?
If you do not have SSH access to you server, then no. (unless I alter the mod itself, but, since I don't play JKA at all anymore, I won't do that).

You'll have to download the logs to build the database.

Which doesn't change the fact that the list would actually be useless, as per above ;)
cybermaniac wrote:dude,...
Just so you know, I'm not a dude :lol

Re: BaseJKA Security Fix

Posted: Wed Jul 25, 2007 12:26 am
by cybermaniac
actually, a list of IPs is actually rather useful, especially if you cross reference with ping, location and ISP.


i know ur not a dude lol, just a common phrase i use ;)



on a seperate note, is it possible to get the server logs to log ping as well?